.

com-lihaoyi · Jan 20, 2025 · 7978b13 · 7978b13
1 parent ba3c3c7
commit 7978b13
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 4 deletions.
diff --git a/contrib/package.mill b/contrib/package.mill
@@ -214,5 +214,6 @@ object `package` extends RootModule {
 
   object sbom extends ContribModule {
     def compileModuleDeps = Seq(build.scalalib)
+    def testModuleDeps: Seq[JavaModule] = super.testModuleDeps ++ Seq(build.scalalib)
   }
 }
diff --git a/contrib/sbom/src/mill/contrib/sbom/CycloneDXModule.scala b/contrib/sbom/src/mill/contrib/sbom/CycloneDXModule.scala
@@ -1,7 +1,10 @@
 package mill.contrib.sbom
 
+import coursier.core as cs
+import coursier.core.Configuration
 import mill.*
 import mill.javalib.{BoundDep, JavaModule}
+import mill.util.CoursierSupport.ResolvedDependency
 import os.Path
 import upickle.default.{ReadWriter, macroRW}
 
@@ -43,7 +46,18 @@ object CycloneDXModule {
 trait CycloneDXModule extends JavaModule {
   import CycloneDXModule.*
 
-  def sbomDeps: T[Agg[BoundDep]] = Target { transitiveRunIvyDeps() ++ transitiveIvyDeps() }
+  def resolvedRunIvyDepsDetails(): Task[Agg[ResolvedDependency]] = Task.Anon {
+    defaultResolver().resolveDependenciesFiles(
+      Seq(
+        BoundDep(
+          coursierDependency.withConfiguration(cs.Configuration.runtime),
+          force = false
+        )
+      ),
+      artifactTypes = Some(artifactTypes()),
+      resolutionParamsMapOpt = Some(_.withDefaultConfiguration(cs.Configuration.runtime))
+    )
+  }
 
   private def sha256(f: Path): String = {
     val md = MessageDigest.getInstance("SHA-256")
@@ -53,9 +67,7 @@ trait CycloneDXModule extends JavaModule {
   }
 
   def sbom: T[SBOM_JSON] = Target {
-    val deps = sbomDeps()
-
-    val resolvedDeps = defaultResolver().resolveDependenciesFiles(deps)
+    val resolvedDeps = resolvedRunIvyDepsDetails()()
 
     val components = resolvedDeps.map { dependency =>
       val dep = dependency.dependency

diff --git a/contrib/sbom/test/src/mill/contrib/sbom/CyclonDXModuleTests.scala b/contrib/sbom/test/src/mill/contrib/sbom/CyclonDXModuleTests.scala
@@ -0,0 +1,22 @@
+package mill.contrib.sbom
+
+import mill.Agg
+import mill.javalib._
+import mill.testkit.TestBaseModule
+import utest.{TestSuite, Tests, test}
+object CyclonDXModuleTests extends TestSuite{
+  object TestModule extends TestBaseModule {
+    case object versionFile extends JavaModule with CycloneDXModule{
+      def ivyDeps = Agg(
+        ivy"org.testng:testng:6.11"
+      )
+    }
+  }
+
+
+  override def tests = Tests{
+    test("hello world"){
+      assert(false)
+    }
+  }
+}
diff --git a/main/util/src/mill/util/CoursierSupport.scala b/main/util/src/mill/util/CoursierSupport.scala
@@ -460,6 +460,9 @@ object CoursierSupport {
     // TODO: For review: Inclear to me if that even needs to be an option, or if we can always return a 'revalidate once' path??
     def withRevalidateOnce: ResolvedDependency = copy(path = path.withRevalidateOnce)
   }
+  object ResolvedDependency {
+
+  }
 
   /**
    * A Coursier Cache.Logger implementation that updates the ticker with the count and